Winona County Data Breach Exposes Sensitive Resident Information in January Cyberattack
Winona County, Minnesota, notified residents in mid-May that their personal data was compromised during a cyberattack in January. The breach, detected on January 22, occurred between January 18 and 22, with cybercriminals accessing and exfiltrating sensitive information from county systems.
A forensic review completed on April 16 identified the types of data exposed, which included names, addresses, Social Security numbers, driver’s license details, medical records, law enforcement report information, financial account data, and payment card details including CVV numbers and expiration dates. A small subset of individuals also had online account credentials and passwords compromised.
Upon discovering the incident, county officials secured their network, launched an investigation, and collaborated with the FBI. Additional security measures were implemented to prevent future breaches, and state regulators were notified. The county’s public notice, published on May 12, confirmed that affected residents were informed via mail.
This breach is separate from a subsequent ransomware attack in April, about which few details have been disclosed. The full scope and impact of the April incident remain unclear.
Source: https://www.govtech.com/security/winona-county-minn-alerts-residents-after-cyber-attack
Winona County cybersecurity rating report: https://www.rankiteo.com/company/winona-county
"id": "WIN1780511287",
"linkid": "winona-county",
"type": "Breach",
"date": "1/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Residents of Winona County',
'industry': 'Public Sector',
'location': 'Minnesota, USA',
'name': 'Winona County',
'type': 'Government'}],
'customer_advisories': 'Affected residents notified via mail',
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': 'Names, addresses, '
'Social Security '
'numbers, driver’s '
'license details, law '
'enforcement report '
'information',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally Identifiable '
'Information',
'Medical Records',
'Financial Data',
'Payment Card Information',
'Online Account Credentials']},
'date_detected': '2024-01-22',
'date_publicly_disclosed': '2024-05-12',
'description': 'Winona County, Minnesota, notified residents in mid-May that '
'their personal data was compromised during a cyberattack in '
'January. The breach, detected on January 22, occurred between '
'January 18 and 22, with cybercriminals accessing and '
'exfiltrating sensitive information from county systems. A '
'forensic review completed on April 16 identified the types of '
'data exposed, which included names, addresses, Social '
'Security numbers, driver’s license details, medical records, '
'law enforcement report information, financial account data, '
'and payment card details including CVV numbers and expiration '
'dates. A small subset of individuals also had online account '
'credentials and passwords compromised.',
'impact': {'data_compromised': 'Sensitive resident information including '
'names, addresses, Social Security numbers, '
'driver’s license details, medical records, '
'law enforcement report information, financial '
'account data, payment card details (CVV '
'numbers and expiration dates), online account '
'credentials, and passwords',
'identity_theft_risk': 'High',
'payment_information_risk': 'High'},
'investigation_status': 'Completed (forensic review finished on 2024-04-16)',
'post_incident_analysis': {'corrective_actions': 'Additional security '
'measures implemented'},
'references': [{'date_accessed': '2024-05-12',
'source': 'Public Notice by Winona County'}],
'regulatory_compliance': {'regulatory_notifications': 'State regulators '
'notified'},
'response': {'communication_strategy': 'Public notice and mailed '
'notifications to affected residents',
'containment_measures': 'Secured network',
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': 'FBI',
'remediation_measures': 'Additional security measures '
'implemented'},
'title': 'Winona County Data Breach Exposes Sensitive Resident Information',
'type': 'Data Breach'}